diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2026-01-28 18:19:27 +0300 |
|---|---|---|
| committer | Chuck Lever <chuck.lever@oracle.com> | 2026-03-30 04:25:09 +0300 |
| commit | 840621fd2ff23ada8b9262d90477e75232566e6b (patch) | |
| tree | ddfbbfa7f5d7f374a5dc61de0bbb96ae00f5de2b /include/linux/timerqueue.h | |
| parent | efb5b15e3b78f5644dd2d4ddec8880e0c9aa5b5f (diff) | |
| download | linux-840621fd2ff23ada8b9262d90477e75232566e6b.tar.xz | |
NFS: Use nlmclnt_shutdown_rpc_clnt() to safely shut down NLM
A race condition exists in shutdown_store() when writing to the sysfs
"shutdown" file concurrently with nlm_shutdown_hosts_net(). Without
synchronization, the following sequence can occur:
1. shutdown_store() reads server->nlm_host (non-NULL)
2. nlm_shutdown_hosts_net() acquires nlm_host_mutex, calls
rpc_shutdown_client(), sets h_rpcclnt to NULL, and potentially
frees the host via nlm_gc_hosts()
3. shutdown_store() dereferences the now-stale or freed host
Introduce nlmclnt_shutdown_rpc_clnt(), which acquires nlm_host_mutex
before accessing h_rpcclnt. This synchronizes with
nlm_shutdown_hosts_net() and ensures the rpc_clnt pointer remains
valid during the shutdown operation.
This change also improves API layering: NFS client code no longer
needs to include the internal lockd header to access nlm_host fields.
The new helper resides in bind.h alongside other public lockd
interfaces.
Reported-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'include/linux/timerqueue.h')
0 files changed, 0 insertions, 0 deletions